SB2020091422 - Multiple vulnerabilities in McAfee MVISION Endpoint
Published: September 14, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-7324)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions. A local user can bypass security mechanisms and deny access to the SYSTEM folder.
2) Link following (CVE-ID: CVE-2020-7325)
CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to access unauthorised files.
The vulnerability exists due to a symlink following issue. A local user can access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.
Remediation
Install update from vendor's website.